package edu.hit.mylib.config;

import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.web.csrf.CookieCsrfTokenRepository;

/**
 * @author 刘智彬
 * @apiNote Spring Boot Security安全验证配置类
 * @see org.springframework.security
 */
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                .authorizeRequests()
                .anyRequest()
                .anonymous()
                .and()
                .csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse());
    }

}


/*

@EnableWebSecurity*/
/*添加注解使生效*//*

public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    */
/*链式编程*//*


    */
/*授予角色认证*//*

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        */
/*在内存中授予认证（后期记得转到数据库中[auth.jdbcAuthentication()]）*//*

        auth.inMemoryAuthentication().*/
/*设置密码加密方式，网络被抓包太不安全*//*
passwordEncoder(new BCryptPasswordEncoder())
                .withUser("").password(new BCryptPasswordEncoder().encode("")).roles("normal", "vip1")
        .and()
        .withUser("").password("").roles();

    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {

        http.
                authorizeRequests()
                    */
/*首页所有人都可以访问*//*

                    .antMatchers("/index").permitAll()
                    */
/*拥有vip1级别的人才可以访问*//*

                    .antMatchers("/index/").hasRole("vip1");

        */
/*没有权限，跳到登录页面*//*

        http.formLogin();


    }
}
*/
